Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
256
Views
0
Helpful
2
Replies

NATing and a crypto map on a router's interface

balsheikh
Level 1
Level 1

‎03-23-2007 03:38 PM

Hello,

Actually I need to know the possibility to have one interface on a router configured for NATing and a crypto map for L2L VPN.

Is there any overlapping or confusion might happened !!!

For example:

interface GigabitEthernet0/1

ip address 192.168.6.12 255.255.255.0

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

crypto map xxx-vpn

Labels:
0 Helpful
2 Replies 2

Not applicable

‎03-29-2007 12:45 PM

I think it is fine to have one interface configured for NAT and Crypto as NAT translation is done before encryption also de-cryption is done before NAT translation. Following link may help you

http://www.cisco.com/en/US/customer/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml

0 Helpful

preeti_shegunshi
Level 1
Level 1

‎04-12-2007 08:34 AM

Yeah it works fine with me. I have configured router serial interface to do nat and also has a crypto map on it.

Well what seems tricky to me is , can the the serial interface ip itself can be used to nat (overload) internal ip used for a vpn tunnel and be a peering ip for the remote peer at the same time.

Can someone add to this.

0 Helpful
Customers Also Viewed These Support Documents